<?php
/**

 */
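// Entry guard: the script exits unless the IN_IA constant has been defined beforehand.
defined('IN_IA') or exit('Access Denied');

// Route on the "do" request parameter; anything outside the allow-list falls back to 'profile'.
// Strict matching keeps non-string input (for example an array-valued parameter) out of $do.
$do = !empty($_GPC['do']) && in_array($_GPC['do'], array('profile', 'base'), true) ? $_GPC['do'] : 'profile';

/*
 * "profile": change the password of the signed-in account.
 *
 * Reads $_GPC['name'] (username), $_GPC['pw'] (current password) and
 * $_GPC['pw2'] (new password). Every failure path reports through message().
 * NOTE(review): the code relies on message() ending the request - confirm against its definition.
 */
if ($do == 'profile') {
    $_W['page']['title'] = '账号信息 - 我的账户 - 用户管理';
    if (checksubmit('submit')) {
        // Validate the form before touching the database. Non-scalar values (array-valued
        // parameters) are rejected here so they never reach the query or user_hash().
        if (
            empty($_GPC['name']) || empty($_GPC['pw']) || empty($_GPC['pw2'])
            || !is_scalar($_GPC['name']) || !is_scalar($_GPC['pw']) || !is_scalar($_GPC['pw2'])
        ) {
            message('管理账号或者密码不能为空，请重新填写！', url('user/profile'), 'error');
        }
        $name = (string) $_GPC['name'];
        $current = (string) $_GPC['pw'];
        $replacement = (string) $_GPC['pw2'];

        // Strict comparison: loose == treats numeric-looking strings such as '1e3' and '1000' as equal.
        if ($current === $replacement) {
            message('新密码与原密码一致，请检查！', url('user/profile'), 'error');
        }

        // The username is request data, so it is bound as a parameter instead of being
        // interpolated into the SQL text. The lookup is also tied to the session uid so that
        // the record whose password is verified is the same record that gets updated below;
        // looking up by the submitted name alone would verify one account and write another.
        $sql = 'SELECT username, password, salt FROM ' . tablename('users') . ' WHERE `uid` = :uid AND `username` = :username LIMIT 1';
        $user = pdo_fetch($sql, array(':uid' => $_W['uid'], ':username' => $name));
        if (empty($user)) {
            message('抱歉，用户不存在或是已经被删除！', url('user/profile'), 'error');
        }

        // NOTE(review): user_hash() is defined elsewhere; confirm it is a password-hashing
        // scheme that is still acceptable for stored credentials.
        $password_old = (string) user_hash($current, $user['salt']);
        $stored = (string) $user['password'];
        // Compare the hashes as strings. Loose != would let two "0e..."-style hex digests
        // compare equal as numbers; hash_equals() additionally avoids a timing difference.
        $matches = function_exists('hash_equals') ? hash_equals($stored, $password_old) : $stored === $password_old;
        if (!$matches) {
            message('原密码错误，请重新填写！', url('user/profile'), 'error');
        }

        $members = array(
            'username' => $name,
            'password' => user_hash($replacement, $user['salt']),
        );
        $result = pdo_update('users', $members, array('uid' => $_W['uid']));
        // Do not report success when the write itself failed.
        // NOTE(review): assumes pdo_update() returns false on failure - confirm.
        if (false === $result) {
            message('修改失败，请稍后重试！', url('user/profile'), 'error');
        }
        message('修改成功！', url('index'), 'success');
    }
}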

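/*
 * "base": edit the extended profile of the signed-in account.
 *
 * The set of writable columns comes from the profile_fields table (rows with
 * available = '1' and showinregister = '1'), never from request keys, so a
 * request cannot add columns of its own. Two fixed groups (birth date and
 * residence) are copied as well when their first member is submitted.
 * NOTE(review): the code relies on message() ending the request - confirm against its definition.
 */
if ($do == 'base') {
    $_W['page']['title'] = '基本信息 - 我的账户 - 用户管理';
    load()->func('tpl');
    $extendfields = pdo_fetchall("SELECT field, title, description, required FROM " . tablename('profile_fields') . " WHERE available = '1' AND showinregister = '1' ORDER BY displayorder DESC");
    $profile = pdo_fetch('SELECT * FROM ' . tablename('users_profile') . ' WHERE `uid` = :uid LIMIT 1', array(':uid' => $_W['uid']));
    if (checksubmit('submit')) {
        if (!empty($extendfields)) {
            // pdo_fetch() may not return an array when no profile row exists yet;
            // start from an empty one instead of writing keys into a non-array.
            if (!is_array($profile)) {
                $profile = array();
            }
            foreach ($extendfields as $row) {
                // A field missing from the request, or sent as an array, is treated as empty
                // rather than raising a notice or being handed to trim().
                $raw = isset($_GPC[$row['field']]) ? $_GPC[$row['field']] : '';
                $field = is_scalar($raw) ? trim((string) $raw) : '';
                if (!empty($row['required']) && empty($field)) {
                    message('“' . $row['title'] . '”此项为必填项，请返回填写完整！');
                }
                // Store the same normalised value that was just validated.
                $profile[$row['field']] = $field;
            }
            // These copies do not depend on the current row, so they run once after the loop
            // instead of on every iteration. Each group is copied only when its first key is set.
            $groups = array(
                'birthyear' => array('birthyear', 'birthmonth', 'birthday'),
                'resideprovince' => array('resideprovince', 'residecity', 'residedist'),
            );
            foreach ($groups as $trigger => $keys) {
                if (empty($_GPC[$trigger])) {
                    continue;
                }
                foreach ($keys as $key) {
                    $value = isset($_GPC[$key]) ? $_GPC[$key] : '';
                    $profile[$key] = is_scalar($value) ? $value : '';
                }
            }
            if ($_W['uid'] > 0) {
                if (!empty($profile)) {
                    // NOTE(review): values are passed to pdo_insert()/pdo_update() as data arrays;
                    // confirm those helpers bind values rather than concatenating them.
                    $exist = pdo_fetchcolumn('SELECT COUNT(*) FROM ' . tablename('users_profile') . ' WHERE `uid` = :uid', array(':uid' => $_W['uid']));
                    if ((int) $exist === 0) {
                        $profile['uid'] = $_W['uid'];
                        pdo_insert('users_profile', $profile);
                    } else {
                        pdo_update('users_profile', $profile, array('uid' => $_W['uid']));
                    }
                }
                // The message type must be a quoted string: the bare words success / error
                // are undefined constants and raise an Error on PHP 8.
                message('保存成功', url('user/profile/base'), 'success');
            } else {
                message('用户不存在', url('user/profile/base'), 'error');
            }
        }
    }
}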

// Reached when no branch above reported through message(): hand off to the
// 'user/profile' template. template() is defined outside this file.
template('user/profile');
